New Xtreme RAT attacks US, Israel, and other foreign governments
(Publication) Google search: [1]
New Xtreme RAT attacks US, Israel, and other foreign governments | |
---|---|
Botnet | Xtreme RAT |
Malware | |
Botnet/malware group | |
Exploit kits | |
Services | |
Feature | |
Distribution vector | |
Target | |
Origin | |
Campaign | |
Operation/Working group | |
Vulnerability | |
CCProtocol | |
Date | 2012 / 2012-11-14 |
Editor/Conference | Trend Micro |
Link | http://blog.trendmicro.com/trendlabs-security-intelligence/new-xtreme-rat-attacks-on-usisrael-and-other-foreign-governments/ (Archive copy) |
Author | Nart Villeneuve |
Type |
Abstract
“ We recently documented an attack that leveraged the publicly available Xtreme RAT on targets in Israel and was widely reported in the media. Our friends at Norman were able to link the attack to a yearlong campaign against both Israeli and Palestinian targets. We have found that the attacks are still on-going and that the target set is broader than previously thought.
We discovered two emails sent from {BLOCKED}a.2011@gmail.com on Nov 11 and Nov 8 that primarily targeted the Government of Israel. One of the emails was sent to 294 email addresses. While the vast majority of the emails were sent to the Government of Israel at “mfa.gov.il”, “idf.gov.il,” and “mod.gov.il,” a significant amount were also sent to the U.S. Government at “state.gov” email addresses. Other U.S. government targets also included “senate.gov” and “house.gov” email addresses. The email was also sent to “usaid.gov” email addresses.
Bibtex
@misc{Villeneuve2012BFR1221,
editor = {Trend Micro},
author = {Nart Villeneuve},
title = {New Xtreme RAT attacks US, Israel, and other foreign governments},
date = {14},
month = Nov,
year = {2012},
howpublished = {\url{http://blog.trendmicro.com/trendlabs-security-intelligence/new-xtreme-rat-attacks-on-usisrael-and-other-foreign-governments/}},
}